Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

ddns-confgen.exe

windows7-x64

ddns-confgen.exe

windows10-2004-x64

dig.exe

windows7-x64

dig.exe

windows10-2004-x64

dnssec-dsfromkey.exe

windows7-x64

dnssec-dsfromkey.exe

windows10-2004-x64

dnssec-key...el.exe

windows7-x64

dnssec-key...el.exe

windows10-2004-x64

dnssec-keygen.exe

windows7-x64

dnssec-keygen.exe

windows10-2004-x64

dnssec-revoke.exe

windows7-x64

dnssec-revoke.exe

windows10-2004-x64

dnssec-settime.exe

windows7-x64

dnssec-settime.exe

windows10-2004-x64

dnssec-signzone.exe

windows7-x64

dnssec-signzone.exe

windows10-2004-x64

genrandom.exe

windows7-x64

genrandom.exe

windows10-2004-x64

host.exe

windows7-x64

host.exe

windows10-2004-x64

isc-hmac-fixup.exe

windows7-x64

isc-hmac-fixup.exe

windows10-2004-x64

libbind9.dll

windows7-x64

1

libbind9.dll

windows10-2004-x64

1

libdns.dll

windows7-x64

1

libdns.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    4s
  • max time network
    11s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:10

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\dig.exe command="C:\Users\Admin\AppData\Local\Temp\dig.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Report Analysis Logs

General

  • Target

    dig.exe

  • Size

    140KB

  • MD5

    5a6619c1640599acbba43c63239d1715

  • SHA1

    4d8598848892318afea22d5d696352262d2a93a5

  • SHA256

    c5ead07e5eeff6aa2dc4d9508d5baeb7c8da66ca8b202d6fe4df60f2001d239e

  • SHA512

    2fdb33f6aadb4348872fb9bdf9c46d383bc61aad9b1a75376ef846227698a557464a258d3631108bba88beb5cd3270eb3590b985721c44b999abcb8fcedce751

  • SSDEEP

    3072:NtLuHQknC3VJOV48dZR63nKUGa0bxD3pBmUS:JO1dZR63hYD3n

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\dig.exe
    "C:\Users\Admin\AppData\Local\Temp\dig.exe"
    1⤵
      PID:2452

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2452-0-0x0000000000400000-0x0000000000434000-memory.dmp

      Filesize

      208KB

      Download